B M]@sdZddlmZmZmZmZddlmZddlm Z ddl m Z m Z ddl mZmZmZmZmZmZmZmZGdd d eZGd d d eZGd d d eZGdddeZGdddeZGdddeeZGdddeZGdddeZGdddeZGdddeZ GdddeZ!GdddeZ"Gd d!d!eeZ#Gd"d#d#eZ$Gd$d%d%eZ%Gd&d'd'eZ&Gd(d)d)eZ'Gd*d+d+eZ(Gd,d-d-eZ)Gd.d/d/eZ*Gd0d1d1eZ+Gd2d3d3eZ,Gd4d5d5eZ-Gd6d7d7eZ.Gd8d9d9eZ/Gd:d;d;eZ0Gdd?d?eZ2Gd@dAdAeZ3GdBdCdCeZ4GdDdEdEeeZ5GdFdGdGeZ6GdHdIdIeZ7GdJdKdKeZ8GdLdMdMeZ9e6e5j:dN<GdOdPdPeZ;GdQdRdReeZsr>c@seZdZdefdefgZdS) DigestInfoZdigest_algorithmZdigestN)rrrr>rrrrrrr?sr?c@seZdZddiZdS)MaskGenAlgorithmIdz1.2.840.113549.1.1.8mgf1N)rrrr9rrrrr@sr@c@s.eZdZdefdeddifgZdZdeiZdS)MaskGenAlgorithmrrrT)rrrAN) rrrr@r rrr>r rrrrrBsrBc@seZdZddiZdS) TrailerFieldrtrailer_field_bcN)rrrr9rrrrrCsrCc@sVeZdZdedddidfdeddddid dfd ed d dfd edddfgZdS)RSASSAPSSParamshash_algorithmrrr.)explicitdefaultmask_gen_algorithmrrA)rrZ salt_lengthZ trailer_fieldrDN)rrrr>rBr rCrrrrrrEs" rEc@s~eZdZdddddddddddd d d d d d d dddddddddddZdddddddd d!d"d#d$d%d&d'd(d)d*d+d,d-d.d/d0Zd1S)2SignedDigestAlgorithmIdmd5_rsasha1_rsamd2_rsa sha224_rsa sha256_rsa sha384_rsa sha512_rsa rsassa_psssha1_dsa sha224_dsa sha256_dsa sha1_ecdsa sha224_ecdsa sha256_ecdsa sha384_ecdsa sha512_ecdsasha3_224_ecdsasha3_256_ecdsasha3_384_ecdsasha3_512_ecdsarsassa_pkcs1v15dsaecdsa)z 1.3.14.3.2.3z 1.3.14.3.2.29z1.3.14.7.2.3.1z1.2.840.113549.1.1.2z1.2.840.113549.1.1.4z1.2.840.113549.1.1.5z1.2.840.113549.1.1.14z1.2.840.113549.1.1.11z1.2.840.113549.1.1.12z1.2.840.113549.1.1.13z1.2.840.113549.1.1.10z1.2.840.10040.4.3z 1.3.14.3.2.13z 1.3.14.3.2.27z2.16.840.1.101.3.4.3.1z2.16.840.1.101.3.4.3.2z1.2.840.10045.4.1z1.2.840.10045.4.3.1z1.2.840.10045.4.3.2z1.2.840.10045.4.3.3z1.2.840.10045.4.3.4z2.16.840.1.101.3.4.3.9z2.16.840.1.101.3.4.3.10z2.16.840.1.101.3.4.3.11z2.16.840.1.101.3.4.3.12z1.2.840.113549.1.1.1z1.2.840.10040.4.1z1.2.840.10045.4z1.2.840.10040.4.1z1.2.840.10045.4z1.2.840.113549.1.1.2z1.2.840.113549.1.1.4z1.2.840.113549.1.1.1z1.2.840.113549.1.1.10z1.2.840.10040.4.3z1.2.840.10045.4.1z1.2.840.113549.1.1.5z2.16.840.1.101.3.4.3.1z1.2.840.10045.4.3.1z1.2.840.113549.1.1.14z2.16.840.1.101.3.4.3.2z1.2.840.10045.4.3.2z1.2.840.113549.1.1.11z1.2.840.10045.4.3.3z1.2.840.113549.1.1.12z1.2.840.10045.4.3.4z1.2.840.113549.1.1.13z2.16.840.1.101.3.4.3.9z2.16.840.1.101.3.4.3.10z2.16.840.1.101.3.4.3.11z2.16.840.1.101.3.4.3.12)rcrdrPrNrbrUrVrYrOrWrZrQrXr[rRr\rSr]rTr^r_r`raN)rrrr9Z _reverse_maprrrrrMsfrMc@sFeZdZdefdeddifgZdZdeiZe ddZ e d d Z d S) SignedDigestAlgorithmrrrT)rrrUcCs`|dj}dddddddddddddddddddddddd}||krN||Sttd|dS) zx :return: A unicode string of "rsassa_pkcs1v15", "rsassa_pss", "dsa" or "ecdsa" rrbrUrcrd)rPrNrOrQrRrSrTrbrUrVrWrXrcrYrZr[r\r]r^r_r`rardz> Signature algorithm not known for %s N)r ValueErrorr)r#ralgo_maprrrsignature_algo/s: z$SignedDigestAlgorithm.signature_algocCsj|dj}dddddddddddddddd }||kr>||S|d krX|d d djSttd |dS)z :return: A unicode string of "md2", "md5", "sha1", "sha224", "sha256", "sha384", "sha512", "sha512_224", "sha512_256" rr<r=r.r/r0r1r2)rPrNrOrQrRrSrTrVrWrXrYrZr[r\r]rUrrFz9 Hash algorithm not known for %s N)rrfr)r#rrgrrr hash_algo\s. zSignedDigestAlgorithm.hash_algoN) rrrrMr rrrEr propertyrhrirrrrre$s  -rec@seZdZdefdefgZdS) Pbkdf2SaltZ specified other_sourceN)rrrrrZ _alternativesrrrrrksrkc@s8eZdZdefdefdeddifdeddd iifgZd S) Pbkdf2Paramssaltiteration_count key_lengthrTprfrHrr.N)rrrrkr r:rrrrrrms rmc@seZdZddiZdS)KdfAlgorithmIdz1.2.840.113549.1.5.12pbkdf2N)rrrr9rrrrrrsrrc@s.eZdZdefdeddifgZdZdeiZdS) KdfAlgorithmrrrT)rrrsN) rrrrrr rrrmr rrrrrtsrtc@s,eZdZdZdefdefdeddifgZdS) DHParameterszn Original Name: DHParameter Source: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-3.asc section 9 pgZprivate_value_lengthrTN)rrrr*r rrrrrrusruc@seZdZddiZdS)KeyExchangeAlgorithmIdz1.2.840.113549.1.3.1dhN)rrrr9rrrrrxsrxc@s.eZdZdefdeddifgZdZdeiZdS)KeyExchangeAlgorithmrrrT)rrryN) rrrrxr rrrur rrrrrzsrzc@s"eZdZdeddifdefgZdS) Rc2Paramsrc2_parameter_versionrTivN)rrrr rrrrrrr{s r{c@seZdZddiZdS)Rc5ParamVersionzv1-0N)rrrr9rrrrr~sr~c@s.eZdZdefdefdefdeddifgZdS) Rc5Paramsversionroundsblock_size_in_bitsr}rTN)rrrr~r rrrrrrrsrc@seZdZdefdefgZdS) Pbes1Paramsrn iterationsN)rrrrr rrrrrrsrc@seZdZdefdefgZdS) CcmParamsZ aes_nonceZ aes_icvlenN)rrrrr rrrrrrsrc@seZdZddiZdS)PSourceAlgorithmIdz1.2.840.113549.1.1.9 p_specifiedN)rrrr9rrrrrsrc@s.eZdZdefdeddifgZdZdeiZdS)PSourceAlgorithmrrrT)rrrN) rrrrr rrrr rrrrrsrc@sNeZdZdedddidfdeddddid dfd ed d d d dfgZdS)RSAESOAEPParamsrFrrr.)rGrHrIrrA)rrZp_source_algorithmrJrN)rrrr>rBrrrrrrrs rc@s4eZdZdZdefdefgZeddZddZdS) DSASignaturea  An ASN.1 class for translating between the OS crypto library's representation of an (EC)DSA signature and the ASN.1 structure that is part of various RFCs. Original Name: DSS-Sig-Value Source: https://tools.ietf.org/html/rfc3279#section-2.2.2 rscCs>t|dt|d}t|t|dd}|||dS)a Reads a signature from a byte string encoding accordint to IEEE P1363, which is used by Microsoft's BCryptSignHash() function. :param data: A byte string from BCryptSignHash() :return: A DSASignature object rrJN)rr)r len)clsdatarrrrr from_p1363.s zDSASignature.from_p1363cCsJt|dj}t|dj}tt|t|}t||}t||}||S)z Dumps a signature to a byte string compatible with Microsoft's BCryptVerifySignature() function. :return: A byte string compatible with BCryptVerifySignature() rr)r rmaxrr)r#Zr_bytesZs_bytesZint_byte_lengthrrrto_p1363?s   zDSASignature.to_p1363N) rrrr*r r classmethodrrrrrrrs   rc-@sjeZdZddddddddd d d d d ddddddddddddddddddd d!d"d#d$d%d&d'd(d)d*d+d,d-,Zd.S)/EncryptionAlgorithmIddestripledes_3keyrc2rc4rc5Z aes128_ecb aes128_cbc aes128_ofbZ aes128_cfbZ aes128_wrapZ aes128_gcm aes128_ccmZaes128_wrap_padZ aes192_ecb aes192_cbc aes192_ofbZ aes192_cfbZ aes192_wrapZ aes192_gcm aes192_ccmZaes192_wrap_padZ aes256_ecb aes256_cbc aes256_ofbZ aes256_cfbZ aes256_wrapZ aes256_gcm aes256_ccmZaes256_wrap_padpbes2 pbes1_md2_des pbes1_md5_des pbes1_md2_rc2 pbes1_md5_rc2pbes1_sha1_despbes1_sha1_rc2pkcs12_sha1_rc4_128pkcs12_sha1_rc4_40pkcs12_sha1_tripledes_3keypkcs12_sha1_tripledes_2keypkcs12_sha1_rc2_128pkcs12_sha1_rc2_40Zrsaes_pkcs1v15 rsaes_oaep),z 1.3.14.3.2.7z1.2.840.113549.3.7z1.2.840.113549.3.2z1.2.840.113549.3.4z1.2.840.113549.3.9z2.16.840.1.101.3.4.1.1z2.16.840.1.101.3.4.1.2z2.16.840.1.101.3.4.1.3z2.16.840.1.101.3.4.1.4z2.16.840.1.101.3.4.1.5z2.16.840.1.101.3.4.1.6z2.16.840.1.101.3.4.1.7z2.16.840.1.101.3.4.1.8z2.16.840.1.101.3.4.1.21z2.16.840.1.101.3.4.1.22z2.16.840.1.101.3.4.1.23z2.16.840.1.101.3.4.1.24z2.16.840.1.101.3.4.1.25z2.16.840.1.101.3.4.1.26z2.16.840.1.101.3.4.1.27z2.16.840.1.101.3.4.1.28z2.16.840.1.101.3.4.1.41z2.16.840.1.101.3.4.1.42z2.16.840.1.101.3.4.1.43z2.16.840.1.101.3.4.1.44z2.16.840.1.101.3.4.1.45z2.16.840.1.101.3.4.1.46z2.16.840.1.101.3.4.1.47z2.16.840.1.101.3.4.1.48z1.2.840.113549.1.5.13z1.2.840.113549.1.5.1z1.2.840.113549.1.5.3z1.2.840.113549.1.5.4z1.2.840.113549.1.5.6z1.2.840.113549.1.5.10z1.2.840.113549.1.5.11z1.2.840.113549.1.12.1.1z1.2.840.113549.1.12.1.2z1.2.840.113549.1.12.1.3z1.2.840.113549.1.12.1.4z1.2.840.113549.1.12.1.5z1.2.840.113549.1.12.1.6z1.2.840.113549.1.1.1z1.2.840.113549.1.1.7N)rrrr9rrrrrRsXrc@seZdZdefdeddifgZdZeeee eeeeeee e e e e e e e e e e e e e e e dZ eddZed d Zed d Zed dZeddZeddZeddZeddZeddZdS)EncryptionAlgorithmrrrT)rr)rrrrrrrrrrrrrrrrrrrrrrrrrrcCs|dj}|dkr$|dddjS|ddkrv|ddkrh|dd\}}|d kr\d S|d krhd Sttd |ttd|dS)z Returns the name of the key derivation function to use. :return: A unicode from of one of the following: "pbkdf1", "pbkdf2", "pkcs12_kdf" rrrkey_derivation_func._rZpbes1Zpbkdf1Zpkcs12Z pkcs12_kdfz~ Encryption algorithm "%s" does not have a registered key derivation function zw Unrecognized encryption algorithm "%s", can not determine key derivation function N)rfindsplitrfr)r#encryption_algorrrrkdfs zEncryptionAlgorithm.kdfcCs~|dj}|dkr,|dddddjS|ddkrl|ddkr^|dd \}}}|Sttd |ttd |d S) z Returns the HMAC algorithm to use with the KDF. :return: A unicode string of one of the following: "md2", "md5", "sha1", "sha224", "sha256", "sha384", "sha512" rrrrrqrrrrJz~ Encryption algorithm "%s" does not have a registered key derivation function z} Unrecognized encryption algorithm "%s", can not determine key derivation hmac algorithm N)rrrrfr)r#rrZ hmac_algorrrkdf_hmacs zEncryptionAlgorithm.kdf_hmaccCs|dj}|dkrB|dddd}|jdkr|S|d krJd S|d kr`|ddjS|ddkrddd d dd ddd d d d d |Sttd|dS)al Returns the name of the symmetric encryption cipher to use. The key length can be retrieved via the .key_length property to disabiguate between different variations of TripleDES, AES, and the RC* ciphers. :return: A unicode string from one of the following: "rc2", "rc5", "des", "tripledes", "aes" rrrrrrrrrrrZ tripledesrrrrrr) rrrrrrrrrrrrz@ Unrecognized encryption algorithm "%s" N)rr+encryption_cipherrrfr)r#rrrrrs4 z%EncryptionAlgorithm.encryption_cipherc Cs|dj}|ddtdddgkr(dSdddd }||krD||S|d kr`|d jd jdS|d krv|d djS|ddkrddddddddddddd |Sttd|dS)z Returns the block size of the encryption cipher, in bytes. :return: An integer that is the block size in bytes rrrrrrrr)rrrrrrrrrr) rrrrrrrrrrrrz@ Unrecognized encryption algorithm "%s" N)rr+rencryption_block_sizerrfr)r#rZ cipher_maprrrrs: z)EncryptionAlgorithm.encryption_block_sizec Cs|dj}|tddgkr*|djdjStdddd d d d d g}||krT|djS|dkrj|ddjS|ddkr|dSttd|dS)a Returns the byte string of the initialization vector for the encryption scheme. Only the PBES2 stores the IV in the params. For PBES1, the IV is derived from the KDF and this property will return None. :return: A byte string or None rrrrr}rrrrrrrrrrrrNz@ Unrecognized encryption algorithm "%s" )rr+r encryption_ivrrfr)r#rZoctet_string_iv_oidsrrrr1s*  z!EncryptionAlgorithm.encryption_ivN)rrrrr rrrr{rrrrr rjrrrrrprrrrrrrrrsL ) $ - " ` " 1 3rc@seZdZdefdefgZdS) Pbes2ParamsrrN)rrrrtrrrrrrrbsrc@seZdZdefdefgZdS) Pbmac1ParamsrZmessage_auth_schemeN)rrrrtr:rrrrrrisrc@seZdZddiZdS) Pkcs5MacIdz1.2.840.113549.1.5.14pbmac1N)rrrr9rrrrrpsrc@s(eZdZdefdefgZdZdeiZdS)Pkcs5MacAlgorithmrr)rrrN) rrrrr rrrr rrrrrvs rrc@seZdZiZddZdS)AnyAlgorithmIdcCs@|jj}x2tttfD]$}x|jD]\}}|||<q$WqWdS)N)r'r9rrMr;items)r#r9 other_clsoidrrrr_setupszAnyAlgorithmId._setupN)rrrr9rrrrrrsrc@s2eZdZdefdeddifgZdZiZddZdS) AnyAlgorithmIdentifierrrrT)rrcCsHt||jj}x0ttfD]$}x|jD]\}}|||<q,WqWdS)N)rrr'r rrer)r#Zspecsrrspecrrrrs  zAnyAlgorithmIdentifier._setupN) rrrrr rrr rrrrrrs rN)=r*Z __future__rrrrZ_errorsr_intrutilr r Zcorer r r rrrrrrobjectrr-r:r;r>r?r@rBrCrErMrerkrmrrrtrurxrzr{r~rrrrrrrrrrrrrr rrrrrrs\  (9 (<a       #35^